MDL-18348 CVE-2007-3215

diff --git a/lib/phpmailer/README_MOODLE.txt b/lib/phpmailer/README_MOODLE.txt
index a45eea5dc90812b9b97e99cd9e771cd707639147..c44f33388db3fb3359e1f8ef6078fb3440f2227e 100644 (file)
--- a/lib/phpmailer/README_MOODLE.txt
+++ b/lib/phpmailer/README_MOODLE.txt
@@ -1,23 +1,9 @@
-Moodle-specific changes to phpmailer are tracked here.
+Description of PHPMailer 1.73 library import into Moodle
 
+Changes:
 
-  lib/phpmailer/class.phpmailer.php
-
-  Changed by: Vy-Shane Sin Fat <vy-shane AT moodle.com>
-  Date: 14 Feb 2007
-  Reason: http://tracker.moodle.org/browse/MDL-3681
-
-
-  lib/phpmailer/class.phpmailer.php
-
-  Changed by skodak
-  Date 12 Mar 2007
-  Reason: support for gb18030
-
-
-  lib/phpmailer/class.phpmailer.php
-
-  Changed by skodak
-  Date 15 Dec 2007
-  Reason: MDL-12596 - correct timezone in date
-  
\ No newline at end of file
+class.phpmailer.php
+ * Duplicate Message-IDs in Forum mail (MDL-3681)
+ * Support for gb18030 (MDL-5229)
+ * Correct timezone in date (MDL-12596)
+ * Backported fixes for CVE-2007-3215 (MDL-18348)

diff --git a/lib/phpmailer/class.phpmailer.php b/lib/phpmailer/class.phpmailer.php
index a91b4204e6ea42e1bdb814da9e8ddded2d520f02..b67a33c88db96da7c6e9885b625e13e2312fbb16 100644 (file)
--- a/lib/phpmailer/class.phpmailer.php
+++ b/lib/phpmailer/class.phpmailer.php
@@ -404,9 +404,9 @@ class PHPMailer
      */
     function SendmailSend($header, $body) {
         if ($this->Sender != "")
-            $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender);
+            $sendmail = sprintf("%s -oi -f %s -t", escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
         else
-            $sendmail = sprintf("%s -oi -t", $this->Sendmail);
+            $sendmail = sprintf("%s -oi -t", escapeshellcmd($this->Sendmail));
 
         if(!@$mail = popen($sendmail, "w"))
         {